diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2008-01-15 01:28:13 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2008-01-15 01:28:13 +0000 |
commit | 00a0a4f0aaebab9cee5e4b3121d6780cc665ea4a (patch) | |
tree | d6bf4259166d6d800cd2752de178dd074525b1d1 /packages | |
parent | 3c17989428638e9092bd435cabb4b48239962a76 (diff) | |
download | pfsense-packages-00a0a4f0aaebab9cee5e4b3121d6780cc665ea4a.tar.gz pfsense-packages-00a0a4f0aaebab9cee5e4b3121d6780cc665ea4a.tar.bz2 pfsense-packages-00a0a4f0aaebab9cee5e4b3121d6780cc665ea4a.zip |
Renaming sipprox.inc -> siproxd.inc
Diffstat (limited to 'packages')
-rw-r--r-- | packages/siproxd.inc | 180 |
1 files changed, 180 insertions, 0 deletions
diff --git a/packages/siproxd.inc b/packages/siproxd.inc new file mode 100644 index 00000000..de6fecb3 --- /dev/null +++ b/packages/siproxd.inc @@ -0,0 +1,180 @@ +<?php +/* $Id$ */ +/* + siproxd.inc + Copyright (C) 2006 Scott Ullrich + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require_once('globals.inc'); +require_once('config.inc'); +require_once('util.inc'); +require_once('pfsense-utils.inc'); +require_once('pkg-utils.inc'); +require_once('filter.inc'); +require_once('service-utils.inc'); + +function siproxd_generate_rules($type) { + global $config; + + $siproxd_conf = &$config['installedpackages']['siproxd']['config'][0]; + if (!is_service_running('siproxd')) { + log_error("Sipproxd is installed but not started. Not installing redirect rules."); + return; + } + + /* proxy is turned off in package settings */ + if($siproxd_conf['rtpenable'] == "0") { + return "\n"; + } + + $ifaces = explode(",", $siproxd_conf['if_inbound']); + $ifaces = array_map('convert_friendly_interface_to_real_interface_name', $ifaces); + $rtplower = ($siproxd_conf['rtplower'] ? $siproxd_conf['rtplower'] : 7070); + $rtpupper = ($siproxd_conf['rtpupper'] ? $siproxd_conf['rtpupper'] : 7079); + $port = ($siproxd_conf['proxy_port'] ? $siproxd_conf['proxy_port'] : 5060); + + switch($type) { + case 'nat': + $rules .= "\n# Setup Sipproxd proxy redirect\n"; + foreach ($ifaces as $iface) { + $rules .= "rdr on {$iface} proto udp from any to !($iface) port {$port} -> 127.0.0.1 port {$port}\n"; + } + break; + case 'filter': + foreach ($ifaces as $iface) { + $rules .= "# allow SIP signaling and RTP traffic\n"; + $rules .= "pass in quick on {$iface} proto udp from any to any port = {$port}\n"; + $rules .= "pass in quick on {$iface} proto udp from any to any port {$rtplower}:{$rtpupper}\n"; + } + break; + default: + break; + } + + return $rules; +} + +function sync_package_siproxd() { + global $config; + log_error("1"); + conf_mount_rw(); + log_error("2"); + config_lock(); + + $conf = &$config['installedpackages']['siproxd']['config'][0]; + $fout = fopen("/usr/local/etc/siproxd.conf","w"); + log_error("3"); + fwrite($fout, "# This file was automatically generated by the pfSense\n"); + fwrite($fout, "# package management system.\n\n"); + log_error("4"); + /* proxy is turned off in package settings */ + if($_POST['rtpenable'] == "0") { + fclose($fout); + return; + } + + if($_POST['if_inbound'] != "") { + fwrite($fout, "if_inbound = " . convert_friendly_interface_to_real_interface_name($_POST['if_inbound']) . "\n"); + } + log_error("5"); + if($_POST['if_outbound'] != "") { + if($config['interfaces'][$_POST['if_outbound']]['ipaddr'] == "pppoe") { + fwrite($fout, "if_outbound = ng0\n"); + } else { + fwrite($fout, "if_outbound = " . convert_friendly_interface_to_real_interface_name($_POST['if_outbound']) . "\n"); + } + } + log_error("6"); + if($_POST['port'] != "") { + fwrite($fout, "sip_listen_port = " . $_POST['port'] . "\n"); + } else { + fwrite($fout, "sip_listen_port = 5060\n"); + } + log_error("7"); + fwrite($fout, "daemonize = 1\n"); + fwrite($fout, "silence_log = 0\n"); + fwrite($fout, "log_calls = 1\n"); + fwrite($fout, "user = nobody\n"); + fwrite($fout, "chrootjail = /usr/local/siproxd/\n"); + fwrite($fout, "registration_file = siproxd_registrations\n"); + fwrite($fout, "pid_file = siproxd.pid\n"); + log_error("8"); + if($_POST['rtpenable'] != "") { + fwrite($fout, "rtp_proxy_enable = " . $_POST['rtpenable'] . "\n"); + } else { + fwrite($fout, "rtp_proxy_enable = 1\n"); + } + log_error("9"); + if($_POST['rtplower'] != "") { + if($_POST['rtpupper'] != "") { + fwrite($fout, "rtp_port_low = " . $_POST['rtplower'] . "\n"); + fwrite($fout, "rtp_port_high = " . $_POST['rtpupper'] . "\n"); + } + } + log_error("10"); + if($_POST['rtptimeout'] != "") { + fwrite($fout, "rtp_timeout = " . $_POST['rtptimeout'] . "\n"); + } else { + fwrite($fout, "rtp_timeout = 300\n"); + } + log_error("11"); + if($_POST['defaulttimeout'] != "") { + fwrite($fout, "default_expires = " . $_POST['defaulttimeout'] . "\n"); + } else { + fwrite($fout, "default_expires = 600\n"); + } + log_error("12"); + if($_POST['authentication']) { + fwrite($fout, "proxy_auth_realm = Authentication_Realm\n"); + fwrite($fout, "proxy_auth_pwfile = /usr/local/etc/siproxd_passwd.cfg\n"); + } + log_error("13"); + fwrite($fout, "debug_level = 0x00000000\n"); + if($_POST['outboundproxyhost'] != "") { + if($_POST['outboundproxyport'] != "") { + fwrite($fout, "outbound_proxy_host = " . $_POST['outboundproxyhost'] . "\n"); + fwrite($fout, "outbound_proxy_port = " . $_POST['outboundproxyport'] . "\n"); + } + } + log_error("14"); + fclose($fout); + log_error("15"); + write_rcfile(array( + "file" => "siproxd.sh", + "start" => "/usr/local/sbin/siproxd -c /usr/local/etc/siproxd.conf &", + "stop" => "/usr/bin/killall siproxd" + ) + ); + log_error("16"); + stop_service("siproxd"); + start_service("siproxd"); + log_error("17"); + conf_mount_ro(); + log_error("18"); + config_unlock(); + log_error("19"); + } + +?>
\ No newline at end of file |